Hash Calculator
Compute MD5, SHA-1, SHA-256, SHA-512 and HMAC hashes. Results in hexadecimal.
Hash
HMAC
Input0
Algorithm
SHA-256
Result
About This ToolFree online hash calculator. Supports MD5, SHA-1, SHA-256, SHA-512 for simple hashing, and HMAC-MD5, HMAC-SHA1, HMAC-SHA256, HMAC-SHA512 for keyed hashing. All results are in hexadecimal. No data is sent to the server; computation runs in your browser.
About Hash & HMACWhat is a hash?A hash function takes input of any length and produces a fixed-length output (digest). Same input always gives the same hash; a tiny change in input changes the hash completely. Hashes are one-way: you cannot recover the original data from the hash. They are used for integrity checks, checksums, and digital signatures.MD5MD5 (Message-Digest Algorithm 5) outputs a 128-bit (32 hex character) digest. It was widely used for checksums and file integrity, but is now considered cryptographically broken: collisions can be found. Use it only for non-security purposes (e.g. cache keys, short identifiers). Do not use for passwords or security-sensitive data.SHA-1SHA-1 (Secure Hash Algorithm 1) outputs a 160-bit (40 hex character) digest. It has been deprecated for security: practical collision attacks exist. Still used in some legacy systems (e.g. Git commit IDs). Prefer SHA-256 or SHA-512 for new applications.SHA-256SHA-256 is part of the SHA-2 family. It outputs a 256-bit (64 hex character) digest and is widely used for security: TLS/SSL, certificates, Bitcoin, and many protocols. No practical attacks; recommended for general-purpose hashing and digital signatures.SHA-512SHA-512 is also part of SHA-2. It outputs a 512-bit (128 hex character) digest. More secure and faster on 64-bit systems than SHA-256 in some implementations. Used when a longer digest or higher security margin is needed.What is HMAC?HMAC (Hash-based Message Authentication Code) combines a hash function with a secret key. Given the same message and key, HMAC always produces the same result. Without the key, an attacker cannot forge a valid HMAC. HMAC is used for message authentication (ensuring the message was not tampered with and came from someone who knows the key), API signatures, and secure tokens.Hash vs HMACA plain hash (MD5, SHA-1, SHA-256, SHA-512) depends only on the input: anyone can compute it. HMAC depends on both the message and a secret key: only parties with the key can compute or verify it. Use a hash for integrity (e.g. file checksum). Use HMAC when you need authentication (e.g. verifying that a request or token was created by a trusted party with the key).